Aaron Durbin has submitted this change. ( https://review.coreboot.org/c/coreboot/+/44989 )
Change subject: soc/amd/picasso: Add config for PSP verstage signing token ......................................................................
soc/amd/picasso: Add config for PSP verstage signing token
This allows a platform to specify the location of the signing token for the PSP verstage, and build it into the firmware image.
BUG=b:166108929 TEST=Build file into PSP firmware, verify that it's present and has the correct ID. BRANCH=Zork
Signed-off-by: Martin Roth martinroth@chromium.org Change-Id: I182ad9b48a2776ccd29ead0f54cfe14c5bf45560 Reviewed-on: https://review.coreboot.org/c/coreboot/+/44989 Tested-by: build bot (Jenkins) no-reply@coreboot.org Reviewed-by: Raul Rangel rrangel@chromium.org Reviewed-by: Furquan Shaikh furquan@google.com Reviewed-by: Eric Peers epeers@google.com --- M src/soc/amd/picasso/Kconfig M src/soc/amd/picasso/Makefile.inc 2 files changed, 11 insertions(+), 0 deletions(-)
Approvals: build bot (Jenkins): Verified Furquan Shaikh: Looks good to me, approved Raul Rangel: Looks good to me, approved Eric Peers: Looks good to me, but someone else must approve
diff --git a/src/soc/amd/picasso/Kconfig b/src/soc/amd/picasso/Kconfig index 33db89b..ec5ff76 100644 --- a/src/soc/amd/picasso/Kconfig +++ b/src/soc/amd/picasso/Kconfig @@ -497,6 +497,13 @@ help Add psp_verstage file to the build & PSP Directory Table
+config PSP_VERSTAGE_SIGNING_TOKEN + string "Specify the PSP_verstage Signature Token file path" + depends on VBOOT_STARTS_BEFORE_BOOTBLOCK + default "" + help + Add psp_verstage signature token to the build & PSP Directory Table + endmenu
diff --git a/src/soc/amd/picasso/Makefile.inc b/src/soc/amd/picasso/Makefile.inc index e64ab0a..f7f64ef 100644 --- a/src/soc/amd/picasso/Makefile.inc +++ b/src/soc/amd/picasso/Makefile.inc @@ -250,6 +250,7 @@
# type = 0x52 - PSP Bootloader Userspace Application (verstage) PSP_VERSTAGE_FILE=$(call strip_quotes,$(CONFIG_PSP_VERSTAGE_FILE)) +PSP_VERSTAGE_SIG_FILE=$(call strip_quotes,$(CONFIG_PSP_VERSTAGE_SIGNING_TOKEN)) endif # CONFIG_VBOOT_STARTS_BEFORE_BOOTBLOCK
APOB_NV_SIZE=$(shell printf "0x%x" $(shell cat $(obj)/fmap.fmd | $(_GET_APOBNV_SIZE))) @@ -301,6 +302,7 @@ OPT_ABL7_FILE=$(call add_opt_prefix, $(PSP_ABL7_FILE), --abl-image) OPT_WHITELIST_FILE=$(call add_opt_prefix, $(PSP_WHITELIST_FILE), --whitelist) OPT_VERSTAGE_FILE=$(call add_opt_prefix, $(PSP_VERSTAGE_FILE), --verstage) +OPT_VERSTAGE_SIG_FILE=$(call add_opt_prefix, $(PSP_VERSTAGE_SIG_FILE), --verstage_sig)
OPT_PSP_APCB_FILES=$(foreach i, $(shell seq $(words $(PSP_APCB_FILES))), \ $(call add_opt_prefix, $(word $(i), $(PSP_APCB_FILES)), \ @@ -439,6 +441,7 @@ $(call_strip_quotes, $(PSP_IKEK_FILE)) \ $(call_strip_quotes, $(PSP_SEC_DEBUG_FILE)) \ $(PSP_VERSTAGE_FILE) \ + $(PSP_VERSTAGE_SIG_FILE) \ $$(PSP_APCB_FILES) \ $(AMDFWTOOL) \ $(obj)/fmap.fmd @@ -448,6 +451,7 @@ $(AMDFW_COMMON_ARGS) \ $(OPT_APOB0_NV_SIZE) \ $(OPT_APOB0_NV_BASE) \ + $(OPT_VERSTAGE_SIG_FILE) \ --location $(shell printf "%#x" $(PICASSO_FWM_POSITION)) \ --output $@